Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/dbfFBJNL6DvVg9LruFwZnYIxGnI.roa
File:                     dbfFBJNL6DvVg9LruFwZnYIxGnI.roa (raw, json)
Hash identifier:          3wH6AvNFJ+kCW1tD11U5Qym0uXnQTB8kduWfZCEOezA=
Subject key identifier:   75:B7:C5:04:93:4B:E8:3B:D5:83:D2:EB:B8:5C:19:9D:82:31:1A:72
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0E70
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/dbfFBJNL6DvVg9LruFwZnYIxGnI.roa
Signing time:             Fri 01 Sep 2023 08:49:41 +0000
ROA not before:           Fri 01 Sep 2023 08:49:41 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17809
IP address blocks:        121.254.64.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3696 (0xe70)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Sep  1 08:49:41 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=75B7C504934BE83BD583D2EBB85C199D82311A72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:61:6d:a5:e8:7f:51:f5:fc:8c:23:eb:17:0a:
                    a5:2d:1f:7e:99:e3:70:4e:57:3f:dc:66:a3:81:10:
                    0e:b7:c6:27:34:21:36:80:7f:f1:d6:22:c2:b4:57:
                    f4:78:6c:08:2b:b6:7a:e2:9a:71:d7:4f:ea:6a:22:
                    19:fe:bf:51:36:e3:e0:5e:43:c8:cf:15:ec:63:7b:
                    35:47:35:24:97:42:bf:b4:59:a0:43:84:b8:28:ed:
                    d4:88:be:c5:66:d2:ba:6a:ca:ac:c2:57:af:a6:f3:
                    c8:2a:bf:cb:2e:4d:cd:fe:29:b7:fb:30:e1:f2:bc:
                    cd:f4:05:57:f8:13:aa:90:43:69:8a:cb:03:29:35:
                    fa:1e:cc:c0:a2:f2:1c:61:de:fb:3e:02:06:6c:fc:
                    e4:47:0c:fe:e2:99:1e:c8:63:23:a0:0c:dd:00:0c:
                    90:de:37:29:e9:bf:12:7c:6b:49:81:09:cc:91:aa:
                    01:53:89:2e:ad:49:11:49:e6:e2:8a:e8:03:51:cb:
                    a4:1f:4c:25:3c:f3:cb:6e:5d:dd:23:6b:ee:99:e4:
                    9c:37:f9:02:c2:c1:fa:ad:16:33:9f:8c:cb:39:9f:
                    99:97:e6:e3:47:9e:fd:75:5a:7f:7c:9a:99:72:5f:
                    e2:de:12:94:cc:f4:0c:c6:d5:e3:e4:6f:1b:a8:7f:
                    ca:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:B7:C5:04:93:4B:E8:3B:D5:83:D2:EB:B8:5C:19:9D:82:31:1A:72
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/dbfFBJNL6DvVg9LruFwZnYIxGnI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  121.254.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         9c:85:4c:6d:5e:66:e7:bf:a6:fc:91:ae:7f:11:f4:2a:72:e5:
         c7:d7:e0:07:14:f3:b7:44:fd:e9:19:7a:c9:d5:2f:97:df:9a:
         eb:8a:ed:a7:e8:37:3b:a2:a5:9f:e5:ad:02:ab:0d:59:3a:87:
         75:2b:4e:2e:d7:56:e2:60:f4:61:70:ac:8f:e5:02:4b:07:3a:
         1e:0c:c0:ae:14:75:d2:e2:c4:f6:e8:a6:92:c5:c7:08:6c:ba:
         91:19:26:38:bd:75:11:a2:e1:ea:c9:0b:b4:0a:b9:48:a6:e5:
         3e:b4:2d:4c:b8:6d:53:e5:e3:35:f2:4f:a6:21:1c:37:cc:9a:
         6e:3a:12:32:fd:b5:9b:9c:7f:ab:9b:b2:2e:cc:8d:f3:20:23:
         c3:23:f2:d5:27:9e:96:20:b9:33:1f:69:60:5e:4a:97:93:9e:
         1f:c3:5a:ec:0f:20:38:39:20:20:d9:f5:4b:7f:49:c5:a8:47:
         ab:f7:f9:28:dd:d4:cf:da:e1:99:1c:8d:0d:dd:a9:9b:63:51:
         58:1a:bc:94:7e:39:ca:2b:80:d2:96:d3:00:2a:d5:ac:00:24:
         16:49:00:fe:ba:03:b8:ab:49:33:52:de:7e:61:a5:62:89:42:
         b4:1b:20:2e:38:1f:68:fe:72:d8:7c:b8:ee:05:8d:5f:38:e9:
         83:3b:13:46
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDnAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5NDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDc1QjdDNTA0OTM0QkU4
M0JENTgzRDJFQkI4NUMxOTlEODIzMTFBNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9YW2l6H9R9fyMI+sXCqUtH36Z43BOVz/cZqOBEA63xic0ITaA
f/HWIsK0V/R4bAgrtnrimnHXT+pqIhn+v1E24+BeQ8jPFexjezVHNSSXQr+0WaBD
hLgo7dSIvsVm0rpqyqzCV6+m88gqv8suTc3+Kbf7MOHyvM30BVf4E6qQQ2mKywMp
NfoezMCi8hxh3vs+AgZs/ORHDP7imR7IYyOgDN0ADJDeNynpvxJ8a0mBCcyRqgFT
iS6tSRFJ5uKK6ANRy6QfTCU888tuXd0ja+6Z5Jw3+QLCwfqtFjOfjMs5n5mX5uNH
nv11Wn98mplyX+LeEpTM9AzG1ePkbxuof8pRAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUdbfFBJNL6DvVg9LruFwZnYIxGnIwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvZGJmRkJKTkw2RHZWZzlMcnVGd1pu
WUl4R25JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBnn+QDAN
BgkqhkiG9w0BAQsFAAOCAQEAnIVMbV5m57+m/JGufxH0KnLlx9fgBxTzt0T96Rl6
ydUvl9+a64rtp+g3O6Kln+WtAqsNWTqHdStOLtdW4mD0YXCsj+UCSwc6HgzArhR1
0uLE9uimksXHCGy6kRkmOL11EaLh6skLtAq5SKblPrQtTLhtU+XjNfJPpiEcN8ya
bjoSMv21m5x/q5uyLsyN8yAjwyPy1SeeliC5Mx9pYF5Kl5OeH8Na7A8gODkgINn1
S39JxahHq/f5KN3Uz9rhmRyNDd2pm2NRWBq8lH45yiuA0pbTACrVrAAkFkkA/roD
uKtJM1LefmGlYolCtBsgLjgfaP5y2Hy47gWNXzjpgzsTRg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org